Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

HP has removed the keylogger functionality found by researchers in audio drivers provided for 28 laptops and tablet PCs [Read More]
Vanilla Forums rushed to update its software after a researcher released details and exploits for a couple of vulnerabilities [Read More]
Microsoft patches zero-day flaws exploited by cybercriminals and the Russia-linked cyber espionage groups Turla and APT28 [Read More]
Microsoft rushes to patch serious remote code execution vulnerability found by Google researchers in Malware Protection Engine [Read More]
eDiscovery is already a complex issue, involving multiple departments and a mix of business and technology processes. It is going to get worse. [Read More]
Mozilla has been following the certificate-related debate between Symantec and Google, and it largely agrees with the latter [Read More]
Travel technology giant Sabre tells SEC it’s investigating a payment card breach related to a hotel reservations product [Read More]
Hackers breach Unity game engine forum and claim to have stolen 2 million accounts. Unity denies passwords have been compromised [Read More]
Hackers threaten Netflix and various TV networks after stealing unreleased TV shows and movies from a production company [Read More]
Researchers claim to have found serious flaws in the nomx email security device. Vendor disputes findings [Read More]

FEATURES, INSIGHTS // Incident Response

rss icon

Marc Solomon's picture
To harness the power embedded in disparate sources of threat data requires aggregating it and translating it into a uniform format for analysis and action.
Joshua Goldfarb's picture
The European Union’s General Data Protection Regulation includes an aspect that seems particularly relevant to the field of security operations and incident response.
Marc Solomon's picture
Security professionals want insights into the adversaries themselves – the tools as well as the tactics, techniques and procedures (TTPs) they’re using – to strengthen defenses and make life much more difficult for the bad guys.
Joshua Goldfarb's picture
Organizations should not be lured into a false sense of security if they deal in information or data that are not typically sought after by nation-state attackers.
Marc Solomon's picture
A threat intelligence platform (TIP) needs to operationalize and apply intelligence as the glue to reduce fragmentation.
Marc Solomon's picture
Companies can make their entire security infrastructure more effective by using this threat intelligence as the glue to integrate layers of point products within a defense-in-depth strategy.
Avi Chesla's picture
Security analysts are collecting all events, but are struggling to filter out non-relevant signals in an attempt to isolate the important events from the rest of the noise.
Marc Solomon's picture
There are strategies you can use so that the risk score is more relevant and useful within your specific environment.
Steven Grossman's picture
While we all dream of solving the skills shortage by completely automating the entire detection and response process, it is simply unlikely to happen in the foreseeable future.
Scott Simkin's picture
Threat intelligence can play an important role in improving an organization’s overall cybersecurity posture, provided the right case is made and the right processes are put in place.